fix: prevent GBytes leak in GdkPixbufFromSkBitmap on Linux/GTK (#49897)

Inside gtk_util::GdkPixbufFromSkBitmap, g_bytes_new() was called
inline as an argument to gdk_pixbuf_new_from_bytes(), which per
GTK docs does not take ownership of the GBytes - it adds its own
internal reference. The caller's GBytes* was never stored or
unreffed, leaking 4 x width x height bytes of pixel data on every
call.

Co-authored-by: trop[bot] <37223003+trop[bot]@users.noreply.github.com>
Co-authored-by: redeemer <marcin.probola@gmail.com>

.github/actions/build-electron/action.yml

@@ -180,6 +180,7 @@ runs:
     - name: Publish Electron Dist ${{ inputs.step-suffix }}
       if: ${{ inputs.is-release == 'true' }}
       shell: bash
+      id: github-upload
       run: |
         rm -rf src/out/Default/obj
         cd src/electron
@@ -190,6 +191,11 @@ runs:
           echo 'Uploading Electron release distribution to GitHub releases'
           script/release/uploaders/upload.py --verbose
         fi
+    - name: Generate artifact attestation
+      if: ${{ inputs.is-release == 'true' }}
+      uses: actions/attest-build-provenance@96278af6caaf10aea03fd8d33a09a777ca52d62f # v3.2.0
+      with:
+        subject-path: ${{ steps.github-upload.outputs.UPLOADED_PATHS }}
     - name: Generate siso report
       if: ${{ inputs.target-platform != 'win' && !cancelled() }}
       shell: bash

.github/actions/install-build-tools/action.yml

@@ -15,7 +15,7 @@ runs:
         git config --global core.preloadindex true
         git config --global core.longpaths true
       fi
-      export BUILD_TOOLS_SHA=4430e4a505e0f4fa2a41b707a10a36f780bbdd26
+      export BUILD_TOOLS_SHA=a0cc95a1884a631559bcca0c948465b725d9295a
       npm i -g @electron/build-tools
       # Update depot_tools to ensure python
       e d update_depot_tools

.github/copilot-instructions.md

@@ -0,0 +1,122 @@
+# Copilot Instructions for Electron
+
+## Build System
+
+Electron uses `@electron/build-tools` (`e` CLI). Install with `npm i -g @electron/build-tools`.
+
+```bash
+e sync              # Fetch sources and apply patches
+e build             # Build Electron (GN + Ninja)
+e build -k 999      # Build, continuing through errors
+e start             # Run built Electron
+e start --version   # Verify Electron launches
+e test              # Run full test suite
+e debug             # Run in debugger (lldb on macOS, gdb on Linux)
+```
+
+### Linting
+
+```bash
+npm run lint              # Run all linters (JS, C++, Python, GN, docs)
+npm run lint:js           # JavaScript/TypeScript only
+npm run lint:clang-format # C++ formatting only
+npm run lint:cpp          # C++ linting only
+npm run lint:docs         # Documentation only
+```
+
+### Running a Single Test
+
+```bash
+npm run test -- -g "pattern"   # Run tests matching a regex pattern
+# Example: npm run test -- -g "ipc"
+```
+
+### Running a Single Node.js Test
+
+```bash
+node script/node-spec-runner.js parallel/test-crypto-keygen
+```
+
+## Architecture
+
+Electron embeds Chromium (rendering) and Node.js (backend) to enable desktop apps with web technologies. The parent directory (`../`) is the Chromium source tree.
+
+### Process Model
+
+Electron has two primary process types, mirroring Chromium:
+
+- **Main process** (`shell/browser/` + `lib/browser/`): Controls app lifecycle, creates windows, system APIs
+- **Renderer process** (`shell/renderer/` + `lib/renderer/`): Runs web content in BrowserWindows
+
+### Native ↔ JavaScript Bridge
+
+Each API is implemented as a C++/JS pair:
+
+- C++ side: `shell/browser/api/electron_api_{name}.cc/.h` — uses `gin::Wrappable` and `ObjectTemplateBuilder`
+- JS side: `lib/browser/api/{name}.ts` — exports the module, registered in `lib/browser/api/module-list.ts`
+- Binding: `NODE_LINKED_BINDING_CONTEXT_AWARE(electron_browser_{name}, Initialize)` in C++ and registered in `shell/common/node_bindings.cc`
+- Type declaration: `typings/internal-ambient.d.ts` maps `process._linkedBinding('electron_browser_{name}')`
+
+### Patches System
+
+Electron patches upstream dependencies (Chromium, Node.js, V8, etc.) rather than forking them. Patches live in `patches/` organized by target, with `patches/config.json` mapping directories to repos.
+
+```text
+patches/{target}/*.patch  →  [e sync]   →  target repo commits
+                          ←  [e patches] ←
+```
+
+Key rules:
+
+- Fix existing patches rather than creating new ones
+- Preserve original authorship in TODO comments — never change `TODO(name)` assignees
+- Each patch commit message must explain why the patch exists
+- After modifying patches, run `e patches {target}` to export
+
+When working on the `roller/chromium/main` branch for Chromium upgrades, use `e sync --3` for 3-way merge conflict resolution.
+
+## Conventions
+
+### File Naming
+
+- JS/TS files: kebab-case (`file-name.ts`)
+- C++ files: snake_case with `electron_api_` prefix (`electron_api_safe_storage.cc`)
+- Test files: `api-{module-name}-spec.ts` in `spec/`
+- Source file lists are maintained in `filenames.gni` (with platform-specific sections)
+
+### JavaScript/TypeScript
+
+- Semicolons required (`"semi": ["error", "always"]`)
+- `const` and `let` only (no `var`)
+- Arrow functions preferred
+- Import order enforced: `@electron/internal` → `@electron` → `electron` → external → builtin → relative
+- API naming: `PascalCase` for classes (`BrowserWindow`), `camelCase` for module APIs (`globalShortcut`)
+- Prefer getters/setters over jQuery-style `.text([text])` patterns
+
+### C++
+
+- Follows Chromium coding style, enforced by `clang-format` and `clang-tidy`
+- Uses Chromium abstractions (`base::`, `content::`, etc.)
+- Header guards: `#ifndef ELECTRON_SHELL_BROWSER_API_ELECTRON_API_{NAME}_H_`
+- Platform-specific files: `_mac.mm`, `_win.cc`, `_linux.cc`
+
+### Testing
+
+- Framework: Mocha + Chai + Sinon
+- Test helpers in `spec/lib/` (e.g., `spec-helpers.ts`, `window-helpers.ts`)
+- Use `defer()` from spec-helpers for cleanup, `closeAllWindows()` for window teardown
+- Tests import from `electron/main` or `electron/renderer`
+
+### Documentation
+
+- API docs in `docs/api/` as Markdown, parsed by `@electron/docs-parser` to generate `electron.d.ts`
+- API history tracked via YAML blocks in HTML comments within doc files
+- Docs must pass `npm run lint:docs`
+
+### Build Configuration
+
+- `BUILD.gn`: Main GN build config
+- `buildflags/buildflags.gni`: Feature flags (PDF viewer, extensions, spellchecker)
+- `build/args/`: Build argument profiles (`testing.gn`, `release.gn`, `all.gn`)
+- `DEPS`: Dependency versions and checkout paths
+- `chromium_src/`: Chromium source file overrides (compiled instead of originals)

.github/workflows/linux-publish.yml

@@ -43,9 +43,12 @@ jobs:
       uses: ./src/electron/.github/actions/checkout
 
   publish-x64:
-    uses: ./.github/workflows/pipeline-segment-electron-build.yml
+    uses: ./.github/workflows/pipeline-segment-electron-publish.yml
     permissions:
+      artifact-metadata: write
+      attestations: write
       contents: read
+      id-token: write
     needs: checkout-linux
     with:
       environment: production-release
@@ -60,9 +63,12 @@ jobs:
     secrets: inherit
 
   publish-arm:
-    uses: ./.github/workflows/pipeline-segment-electron-build.yml
+    uses: ./.github/workflows/pipeline-segment-electron-publish.yml
     permissions:
+      artifact-metadata: write
+      attestations: write
       contents: read
+      id-token: write
     needs: checkout-linux
     with:
       environment: production-release
@@ -77,9 +83,12 @@ jobs:
     secrets: inherit
 
   publish-arm64:
-    uses: ./.github/workflows/pipeline-segment-electron-build.yml
+    uses: ./.github/workflows/pipeline-segment-electron-publish.yml
     permissions:
+      artifact-metadata: write
+      attestations: write
       contents: read
+      id-token: write
     needs: checkout-linux
     with:
       environment: production-release

.github/workflows/macos-publish.yml

@@ -47,9 +47,12 @@ jobs:
         target-platform: macos
 
   publish-x64-darwin:
-    uses: ./.github/workflows/pipeline-segment-electron-build.yml
+    uses: ./.github/workflows/pipeline-segment-electron-publish.yml
     permissions:
+      artifact-metadata: write
+      attestations: write
       contents: read
+      id-token: write
     needs: checkout-macos
     with:
       environment: production-release
@@ -64,9 +67,12 @@ jobs:
     secrets: inherit
 
   publish-x64-mas:
-    uses: ./.github/workflows/pipeline-segment-electron-build.yml
+    uses: ./.github/workflows/pipeline-segment-electron-publish.yml
     permissions:
+      artifact-metadata: write
+      attestations: write
       contents: read
+      id-token: write
     needs: checkout-macos
     with:
       environment: production-release
@@ -81,9 +87,12 @@ jobs:
     secrets: inherit
 
   publish-arm64-darwin:
-    uses: ./.github/workflows/pipeline-segment-electron-build.yml
+    uses: ./.github/workflows/pipeline-segment-electron-publish.yml
     permissions:
+      artifact-metadata: write
+      attestations: write
       contents: read
+      id-token: write
     needs: checkout-macos
     with:
       environment: production-release
@@ -98,9 +107,12 @@ jobs:
     secrets: inherit
 
   publish-arm64-mas:
-    uses: ./.github/workflows/pipeline-segment-electron-build.yml
+    uses: ./.github/workflows/pipeline-segment-electron-publish.yml
     permissions:
+      artifact-metadata: write
+      attestations: write
       contents: read
+      id-token: write
     needs: checkout-macos
     with:
       environment: production-release

.github/workflows/pipeline-electron-lint.yml

@@ -85,4 +85,8 @@ jobs:
       run: |
         cd src/electron
         node script/yarn.js tsc -p tsconfig.script.json
-    
+    - name: Check GHA Workflows
+      shell: bash
+      run: |
+        cd src/electron
+        node script/copy-pipeline-segment-publish.js --check

.github/workflows/pipeline-segment-electron-publish.yml

@@ -0,0 +1,237 @@
+# AUTOGENERATED FILE - DO NOT EDIT MANUALLY
+# ONLY EDIT .github/workflows/pipeline-segment-electron-build.yml
+
+name: Pipeline Segment - Electron Build
+on:
+  workflow_call:
+    inputs:
+      environment:
+        description: using the production or testing environment
+        required: false
+        type: string
+      target-platform:
+        type: string
+        description: Platform to run on, can be macos, win or linux
+        required: true
+      target-arch:
+        type: string
+        description: Arch to build for, can be x64, arm64, ia32 or arm
+        required: true
+      target-variant:
+        type: string
+        description: Variant to build for, no effect on non-macOS target platforms. Can
+          be darwin, mas or all.
+        default: all
+      build-runs-on:
+        type: string
+        description: What host to run the build
+        required: true
+      build-container:
+        type: string
+        description: JSON container information for aks runs-on
+        required: false
+        default: '{"image":null}'
+      is-release:
+        description: Whether this build job is a release job
+        required: true
+        type: boolean
+        default: false
+      gn-build-type:
+        description: The gn build type - testing or release
+        required: true
+        type: string
+        default: testing
+      generate-symbols:
+        description: Whether or not to generate symbols
+        required: true
+        type: boolean
+        default: false
+      upload-to-storage:
+        description: Whether or not to upload build artifacts to external storage
+        required: true
+        type: string
+        default: "0"
+      is-asan:
+        description: Building the Address Sanitizer (ASan) Linux build
+        required: false
+        type: boolean
+        default: false
+      enable-ssh:
+        description: Enable SSH debugging
+        required: false
+        type: boolean
+        default: false
+permissions: {}
+concurrency:
+  group: electron-build-${{ inputs.target-platform }}-${{ inputs.target-arch
+    }}-${{ inputs.target-variant }}-${{ inputs.is-asan }}-${{
+    github.ref_protected == true && github.run_id || github.ref }}
+  cancel-in-progress: ${{ github.ref_protected != true }}
+env:
+  CHROMIUM_GIT_COOKIE: ${{ secrets.CHROMIUM_GIT_COOKIE }}
+  CHROMIUM_GIT_COOKIE_WINDOWS_STRING: ${{ secrets.CHROMIUM_GIT_COOKIE_WINDOWS_STRING }}
+  DD_API_KEY: ${{ secrets.DD_API_KEY }}
+  ELECTRON_ARTIFACTS_BLOB_STORAGE: ${{ secrets.ELECTRON_ARTIFACTS_BLOB_STORAGE }}
+  ELECTRON_RBE_JWT: ${{ secrets.ELECTRON_RBE_JWT }}
+  SUDOWOODO_EXCHANGE_URL: ${{ secrets.SUDOWOODO_EXCHANGE_URL }}
+  SUDOWOODO_EXCHANGE_TOKEN: ${{ secrets.SUDOWOODO_EXCHANGE_TOKEN }}
+  GCLIENT_EXTRA_ARGS: ${{ inputs.target-platform == 'macos' &&
+    '--custom-var=checkout_mac=True --custom-var=host_os=mac' ||
+    inputs.target-platform == 'win' && '--custom-var=checkout_win=True' ||
+    '--custom-var=checkout_arm=True --custom-var=checkout_arm64=True' }}
+  ELECTRON_OUT_DIR: Default
+  ACTIONS_STEP_DEBUG: ${{ secrets.ACTIONS_STEP_DEBUG }}
+jobs:
+  build:
+    defaults:
+      run:
+        shell: bash
+    runs-on: ${{ inputs.build-runs-on }}
+    permissions:
+      artifact-metadata: write
+      attestations: write
+      contents: read
+      id-token: write
+    container: ${{ fromJSON(inputs.build-container) }}
+    environment: ${{ inputs.environment }}
+    env:
+      TARGET_ARCH: ${{ inputs.target-arch }}
+      TARGET_PLATFORM: ${{ inputs.target-platform }}
+    steps:
+      - name: Create src dir
+        run: |
+          mkdir src
+      - name: Checkout Electron
+        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683
+        with:
+          path: src/electron
+          fetch-depth: 0
+          ref: ${{ github.event.pull_request.head.sha }}
+      - name: Setup SSH Debugging
+        if: ${{ inputs.target-platform == 'macos' && (inputs.enable-ssh ||
+          env.ACTIONS_STEP_DEBUG == 'true') }}
+        uses: ./src/electron/.github/actions/ssh-debug
+        with:
+          tunnel: "true"
+        env:
+          CLOUDFLARE_TUNNEL_CERT: ${{ secrets.CLOUDFLARE_TUNNEL_CERT }}
+          CLOUDFLARE_TUNNEL_HOSTNAME: ${{ vars.CLOUDFLARE_TUNNEL_HOSTNAME }}
+          CLOUDFLARE_USER_CA_CERT: ${{ secrets.CLOUDFLARE_USER_CA_CERT }}
+          AUTHORIZED_USERS: ${{ secrets.SSH_DEBUG_AUTHORIZED_USERS }}
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+      - name: Free up space (macOS)
+        if: ${{ inputs.target-platform == 'macos' }}
+        uses: ./src/electron/.github/actions/free-space-macos
+      - name: Check disk space after freeing up space
+        if: ${{ inputs.target-platform == 'macos' }}
+        run: df -h
+      - name: Setup Node.js/npm
+        if: ${{ inputs.target-platform == 'macos' }}
+        uses: actions/setup-node@49933ea5288caeca8642d1e84afbd3f7d6820020
+        with:
+          node-version: 20.19.x
+          cache: yarn
+          cache-dependency-path: src/electron/yarn.lock
+      - name: Install Dependencies
+        uses: ./src/electron/.github/actions/install-dependencies
+      - name: Install AZCopy
+        if: ${{ inputs.target-platform == 'macos' }}
+        run: brew install azcopy
+      - name: Set GN_EXTRA_ARGS for Linux
+        if: ${{ inputs.target-platform == 'linux' }}
+        run: >
+          if [ "${{ inputs.target-arch  }}" = "arm" ]; then
+            if [ "${{ inputs.is-release  }}" = true ]; then
+              GN_EXTRA_ARGS='target_cpu="arm" build_tflite_with_xnnpack=false symbol_level=1'
+            else
+              GN_EXTRA_ARGS='target_cpu="arm" build_tflite_with_xnnpack=false'
+            fi
+          elif [ "${{ inputs.target-arch }}" = "arm64" ]; then
+            GN_EXTRA_ARGS='target_cpu="arm64" fatal_linker_warnings=false enable_linux_installer=false'
+          elif [ "${{ inputs.is-asan }}" = true ]; then
+            GN_EXTRA_ARGS='is_asan=true'
+          fi
+
+          echo "GN_EXTRA_ARGS=$GN_EXTRA_ARGS" >> $GITHUB_ENV
+      - name: Set Chromium Git Cookie
+        uses: ./src/electron/.github/actions/set-chromium-cookie
+      - name: Install Build Tools
+        uses: ./src/electron/.github/actions/install-build-tools
+      - name: Generate DEPS Hash
+        run: |
+          node src/electron/script/generate-deps-hash.js
+          DEPSHASH=v1-src-cache-$(cat src/electron/.depshash)
+          echo "DEPSHASH=$DEPSHASH" >> $GITHUB_ENV
+          echo "CACHE_PATH=$DEPSHASH.tar" >> $GITHUB_ENV
+      - name: Restore src cache via AZCopy
+        if: ${{ inputs.target-platform != 'linux' }}
+        uses: ./src/electron/.github/actions/restore-cache-azcopy
+        with:
+          target-platform: ${{ inputs.target-platform }}
+      - name: Restore src cache via AKS
+        if: ${{ inputs.target-platform == 'linux' }}
+        uses: ./src/electron/.github/actions/restore-cache-aks
+      - name: Checkout Electron
+        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683
+        with:
+          path: src/electron
+          fetch-depth: 0
+          ref: ${{ github.event.pull_request.head.sha }}
+      - name: Fix Sync
+        if: ${{ inputs.target-platform != 'linux' }}
+        uses: ./src/electron/.github/actions/fix-sync
+        with:
+          target-platform: ${{ inputs.target-platform }}
+        env:
+          ELECTRON_DEPOT_TOOLS_DISABLE_LOG: true
+      - name: Init Build Tools
+        run: >
+          e init -f --root=$(pwd) --out=Default ${{ inputs.gn-build-type }}
+          --import ${{ inputs.gn-build-type }} --target-cpu ${{
+          inputs.target-arch }} --remote-build siso
+      - name: Run Electron Only Hooks
+        run: |
+          e d gclient runhooks --spec="solutions=[{'name':'src/electron','url':None,'deps_file':'DEPS','custom_vars':{'process_deps':False},'managed':False}]"
+      - name: Regenerate DEPS Hash
+        run: >
+          (cd src/electron && git checkout .) && node
+          src/electron/script/generate-deps-hash.js
+
+          echo "DEPSHASH=$(cat src/electron/.depshash)" >> $GITHUB_ENV
+      - name: Add CHROMIUM_BUILDTOOLS_PATH to env
+        run: echo "CHROMIUM_BUILDTOOLS_PATH=$(pwd)/src/buildtools" >> $GITHUB_ENV
+      - name: Free up space (macOS)
+        if: ${{ inputs.target-platform == 'macos' }}
+        uses: ./src/electron/.github/actions/free-space-macos
+      - name: Build Electron
+        if: ${{ inputs.target-platform != 'macos' || (inputs.target-variant == 'all' ||
+          inputs.target-variant == 'darwin') }}
+        uses: ./src/electron/.github/actions/build-electron
+        with:
+          target-arch: ${{ inputs.target-arch }}
+          target-platform: ${{ inputs.target-platform }}
+          artifact-platform: ${{ inputs.target-platform == 'macos' && 'darwin' ||
+            inputs.target-platform }}
+          is-release: ${{ inputs.is-release }}
+          generate-symbols: ${{ inputs.generate-symbols }}
+          upload-to-storage: ${{ inputs.upload-to-storage }}
+          is-asan: ${{ inputs.is-asan }}
+      - name: Set GN_EXTRA_ARGS for MAS Build
+        if: ${{ inputs.target-platform == 'macos' && (inputs.target-variant == 'all' ||
+          inputs.target-variant == 'mas') }}
+        run: |
+          echo "MAS_BUILD=true" >> $GITHUB_ENV
+          GN_EXTRA_ARGS='is_mas_build=true'
+          echo "GN_EXTRA_ARGS=$GN_EXTRA_ARGS" >> $GITHUB_ENV
+      - name: Build Electron (MAS)
+        if: ${{ inputs.target-platform == 'macos' && (inputs.target-variant == 'all' ||
+          inputs.target-variant == 'mas') }}
+        uses: ./src/electron/.github/actions/build-electron
+        with:
+          target-arch: ${{ inputs.target-arch }}
+          target-platform: ${{ inputs.target-platform }}
+          artifact-platform: mas
+          is-release: ${{ inputs.is-release }}
+          generate-symbols: ${{ inputs.generate-symbols }}
+          upload-to-storage: ${{ inputs.upload-to-storage }}
+          step-suffix: (mas)

.github/workflows/windows-publish.yml

@@ -51,9 +51,12 @@ jobs:
         target-platform: win
 
   publish-x64-win:
-    uses: ./.github/workflows/pipeline-segment-electron-build.yml
+    uses: ./.github/workflows/pipeline-segment-electron-publish.yml
     permissions:
+      artifact-metadata: write
+      attestations: write
       contents: read
+      id-token: write
     needs: checkout-windows
     with:
       environment: production-release
@@ -67,9 +70,12 @@ jobs:
     secrets: inherit
 
   publish-arm64-win:
-    uses: ./.github/workflows/pipeline-segment-electron-build.yml
+    uses: ./.github/workflows/pipeline-segment-electron-publish.yml
     permissions:
+      artifact-metadata: write
+      attestations: write
       contents: read
+      id-token: write
     needs: checkout-windows
     with:
       environment: production-release
@@ -83,9 +89,12 @@ jobs:
     secrets: inherit
 
   publish-x86-win:
-    uses: ./.github/workflows/pipeline-segment-electron-build.yml
+    uses: ./.github/workflows/pipeline-segment-electron-publish.yml
     permissions:
+      artifact-metadata: write
+      attestations: write
       contents: read
+      id-token: write
     needs: checkout-windows
     with:
       environment: production-release

package.json

@@ -57,7 +57,8 @@
     "url": "^0.11.4",
     "webpack": "^5.95.0",
     "webpack-cli": "^5.1.4",
-    "wrapper-webpack-plugin": "^2.2.0"
+    "wrapper-webpack-plugin": "^2.2.0",
+    "yaml": "^2.8.1"
   },
   "private": true,
   "scripts": {
@@ -132,6 +133,10 @@
     "DEPS": [
       "node script/gen-hunspell-filenames.js",
       "node script/gen-libc++-filenames.js"
+    ],
+    ".github/workflows/pipeline-segment-electron-build.yml": [
+      "node script/copy-pipeline-segment-publish.js",
+      "git add .github/workflows/pipeline-segment-electron-publish.yml"
     ]
   },
   "resolutions": {

patches/chromium/.patches

@@ -140,3 +140,4 @@ band-aid_over_an_issue_with_using_deprecated_nsopenpanel_api.patch
 inspectorpageagent_provisional_frame_speculative_fix.patch
 expose_referrerscriptinfo_hostdefinedoptionsindex.patch
 fix_release_mouse_buttons_on_focus_loss_on_wayland.patch
+cherry-pick-e045399a1ecb.patch

patches/chromium/cherry-pick-e045399a1ecb.patch

@@ -0,0 +1,133 @@
+From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?Dominik=20R=C3=B6ttsches?= <drott@chromium.org>
+Date: Thu, 12 Feb 2026 06:35:36 -0800
+Subject: Avoid stale iteration in CSSFontFeatureValuesMap
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+To avoid invalid iterator state, take a snapshot of the
+map when creating the iteration source. This addresses
+the immediate problem of iterating while modifying.
+
+Remaining work tracked in https://crbug.com/483936078
+
+Fixed: 483569511
+Change-Id: Ie29cfdf7ed94bbe189b44c842a5efce571bb2cee
+Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/7566570
+Commit-Queue: Dominik Röttsches <drott@chromium.org>
+Reviewed-by: Anders Hartvoll Ruud <andruud@chromium.org>
+Cr-Commit-Position: refs/heads/main@{#1583927}
+
+diff --git a/third_party/blink/renderer/core/css/css_font_feature_values_map.cc b/third_party/blink/renderer/core/css/css_font_feature_values_map.cc
+index 24303069e2531afebec29977378ba708051e117d..1862dae14a63769f0fe1fe1cf5f6f880148ce37b 100644
+--- a/third_party/blink/renderer/core/css/css_font_feature_values_map.cc
++++ b/third_party/blink/renderer/core/css/css_font_feature_values_map.cc
+@@ -13,17 +13,16 @@ class FontFeatureValuesMapIterationSource final
+     : public PairSyncIterable<CSSFontFeatureValuesMap>::IterationSource {
+  public:
+   FontFeatureValuesMapIterationSource(const CSSFontFeatureValuesMap& map,
+-                                      const FontFeatureAliases* aliases)
+-      : map_(map), aliases_(aliases), iterator_(aliases->begin()) {}
++                                      const FontFeatureAliases aliases)
++      : map_(map),
++        aliases_(std::move(aliases)),
++        iterator_(aliases_.begin()) {}
+ 
+   bool FetchNextItem(ScriptState* script_state,
+                      String& map_key,
+                      Vector<uint32_t>& map_value,
+                      ExceptionState&) override {
+-    if (!aliases_) {
+-      return false;
+-    }
+-    if (iterator_ == aliases_->end()) {
++    if (iterator_ == aliases_.end()) {
+       return false;
+     }
+     map_key = iterator_->key;
+@@ -38,9 +37,13 @@ class FontFeatureValuesMapIterationSource final
+   }
+ 
+  private:
+-  // Needs to be kept alive while we're iterating over it.
+   const Member<const CSSFontFeatureValuesMap> map_;
+-  const FontFeatureAliases* aliases_;
++  // Create a copy to keep the iterator from becoming invalid if there are
++  // modifications to the aliases HashMap while iterating.
++  // TODO(https://crbug.com/483936078): Implement live/stable iteration over
++  // FontFeatureAliases by changing its storage type, avoiding taking a copy
++  // here.
++  const FontFeatureAliases aliases_;
+   FontFeatureAliases::const_iterator iterator_;
+ };
+ 
+@@ -50,8 +53,8 @@ uint32_t CSSFontFeatureValuesMap::size() const {
+ 
+ PairSyncIterable<CSSFontFeatureValuesMap>::IterationSource*
+ CSSFontFeatureValuesMap::CreateIterationSource(ScriptState*, ExceptionState&) {
+-  return MakeGarbageCollected<FontFeatureValuesMapIterationSource>(*this,
+-                                                                   aliases_);
++  return MakeGarbageCollected<FontFeatureValuesMapIterationSource>(
++      *this, aliases_ ? *aliases_ : FontFeatureAliases());
+ }
+ 
+ bool CSSFontFeatureValuesMap::GetMapEntry(ScriptState*,
+diff --git a/third_party/blink/web_tests/external/wpt/css/css-fonts/font_feature_values_map_iteration.html b/third_party/blink/web_tests/external/wpt/css/css-fonts/font_feature_values_map_iteration.html
+new file mode 100644
+index 0000000000000000000000000000000000000000..eac7198b0b4a58007cbcc77ad3e9357a1009117c
+--- /dev/null
++++ b/third_party/blink/web_tests/external/wpt/css/css-fonts/font_feature_values_map_iteration.html
+@@ -0,0 +1,52 @@
++<!DOCTYPE html>
++<html>
++  <head>
++    <title>CSSFontFeatureValuesMap Iteration and Modification</title>
++    <link
++      rel="help"
++      href="https://drafts.csswg.org/css-fonts-4/#om-fontfeaturevalues"
++    />
++    <meta
++      name="assert"
++      content="Iteration while modifying CSSFontFeatureValuesMap does not crash."
++    />
++    <script type="text/javascript" src="/resources/testharness.js"></script>
++    <script
++      type="text/javascript"
++      src="/resources/testharnessreport.js"
++    ></script>
++  </head>
++  <body>
++    <style>
++      @font-feature-values TestFont {
++        @styleset {
++          a: 1;
++          b: 2;
++          c: 3;
++        }
++      }
++    </style>
++    <script>
++      test(() => {
++        const rule = document.styleSheets[0].cssRules[0];
++        const map = rule.styleset;
++        const iterator = map.entries();
++        let count = 0;
++
++        while (count < 10) {
++          const { value: entry, done } = iterator.next();
++          if (done) break;
++
++          const [key, value] = entry;
++
++          map.delete(key);
++          for (let i = 0; i < 100; i++) {
++            map.set(`newkey_${count}_${i}`, i);
++          }
++
++          count++;
++        }
++      }, "Iteration of the CSSFontFeatureValuesMap does not crash.");
++    </script>
++  </body>
++</html>

script/copy-pipeline-segment-publish.js

@@ -0,0 +1,32 @@
+const yaml = require('yaml');
+
+const fs = require('node:fs');
+const path = require('node:path');
+
+const PREFIX = '# AUTOGENERATED FILE - DO NOT EDIT MANUALLY\n# ONLY EDIT .github/workflows/pipeline-segment-electron-build.yml\n\n';
+
+const base = path.resolve(__dirname, '../.github/workflows/pipeline-segment-electron-build.yml');
+const target = path.resolve(__dirname, '../.github/workflows/pipeline-segment-electron-publish.yml');
+
+const baseContents = fs.readFileSync(base, 'utf-8');
+
+const parsedBase = yaml.parse(baseContents);
+parsedBase.jobs.build.permissions = {
+  'artifact-metadata': 'write',
+  attestations: 'write',
+  contents: 'read',
+  'id-token': 'write'
+};
+
+if (process.argv.includes('--check')) {
+  if (fs.readFileSync(target, 'utf-8') !== PREFIX + yaml.stringify(parsedBase)) {
+    console.error(`${target} is out of date`);
+    console.error('Please run "copy-pipeline-segment-publish.js" to update it');
+    process.exit(1);
+  }
+} else {
+  fs.writeFileSync(
+    target,
+    PREFIX + yaml.stringify(parsedBase)
+  );
+}

script/release/uploaders/upload.py

@@ -368,6 +368,14 @@ def upload_io_to_github(release, filename, filepath, version):
         sys.stdout.buffer.write(c)
         sys.stdout.flush()
 
+  if "GITHUB_OUTPUT" in os.environ:
+    output_path = os.environ["GITHUB_OUTPUT"]
+    with open(output_path, "r+", encoding='utf-8') as github_output:
+      if len(github_output.readlines()) > 0:
+        github_output.write(",")
+      else:
+        github_output.write('UPLOADED_PATHS=')
+      github_output.write(filepath)
 
 def upload_sha256_checksum(version, file_path, key_prefix=None):
   checksum_path = f'{file_path}.sha256sum'

shell/browser/mac/electron_application_delegate.mm

@@ -56,11 +56,6 @@ static NSDictionary* UNNotificationResponseToNSDictionary(
 }
 
 - (void)applicationWillFinishLaunching:(NSNotification*)notify {
-  // Don't add the "Enter Full Screen" menu item automatically.
-  [[NSUserDefaults standardUserDefaults]
-      setBool:NO
-       forKey:@"NSFullScreenMenuItemEverywhere"];
-
   [[[NSWorkspace sharedWorkspace] notificationCenter]
       addObserver:self
          selector:@selector(willPowerOff:)
@@ -114,7 +109,14 @@ static NSDictionary* UNNotificationResponseToNSDictionary(
 }
 
 - (NSMenu*)applicationDockMenu:(NSApplication*)sender {
-  return menu_controller_ ? menu_controller_.menu : nil;
+  if (!menu_controller_)
+    return nil;
+
+  // Manually refresh menu state since menuWillOpen: is not called
+  // by macOS for dock menus for some reason before they are displayed.
+  NSMenu* menu = menu_controller_.menu;
+  [menu_controller_ refreshMenuTree:menu];
+  return menu;
 }
 
 - (BOOL)application:(NSApplication*)sender openFile:(NSString*)filename {

shell/browser/ui/cocoa/electron_menu_controller.h

@@ -57,6 +57,10 @@ class ElectronMenuModel;
 // Whether the menu is currently open.
 - (BOOL)isMenuOpen;
 
+// Recursively refreshes the menu tree starting from |menu|, applying the
+// model state (enabled, checked, hidden etc) to each menu item.
+- (void)refreshMenuTree:(NSMenu*)menu;
+
 // NSMenuDelegate methods this class implements. Subclasses should call super
 // if extending the behavior.
 - (void)menuWillOpen:(NSMenu*)menu;

shell/browser/ui/cocoa/electron_menu_controller.mm

@@ -490,8 +490,6 @@ NSArray* ConvertSharingItemToNS(const SharingItem& item) {
                                              : NSControlStateValueOff;
 }
 
-// Recursively refreshes the menu tree starting from |menu|, applying the
-// model state to each menu item.
 - (void)refreshMenuTree:(NSMenu*)menu {
   for (NSMenuItem* item in menu.itemArray) {
     [self applyStateToMenuItem:item];
@@ -557,6 +555,14 @@ NSArray* ConvertSharingItemToNS(const SharingItem& item) {
 
 - (void)menuWillOpen:(NSMenu*)menu {
   isMenuOpen_ = YES;
+
+  // macOS automatically injects a duplicate "Toggle Full Screen" menu item
+  // when we set menu.delegate on submenus. Remove hidden duplicates.
+  for (NSMenuItem* item in menu.itemArray) {
+    if (item.isHidden && item.action == @selector(toggleFullScreenMode:))
+      [menu removeItem:item];
+  }
+
   [self refreshMenuTree:menu];
   if (model_)
     model_->MenuWillShow();

shell/browser/ui/gtk_util.cc

@@ -82,11 +82,13 @@ GdkPixbuf* GdkPixbufFromSkBitmap(const SkBitmap& bitmap) {
   constexpr GdkColorspace kColorspace = GDK_COLORSPACE_RGB;
   constexpr gboolean kHasAlpha = true;
   constexpr int kBitsPerSample = 8;
-  return gdk_pixbuf_new_from_bytes(
-      g_bytes_new(std::data(bytes), std::size(bytes)), kColorspace, kHasAlpha,
-      kBitsPerSample, width, height,
+  GBytes* gbytes = g_bytes_new(std::data(bytes), std::size(bytes));
+  GdkPixbuf* pixbuf = gdk_pixbuf_new_from_bytes(
+      gbytes, kColorspace, kHasAlpha, kBitsPerSample, width, height,
       gdk_pixbuf_calculate_rowstride(kColorspace, kHasAlpha, kBitsPerSample,
                                      width, height));
+  g_bytes_unref(gbytes);
+  return pixbuf;
 }
 
 }  // namespace gtk_util

spec/api-app-spec.ts

@@ -2,7 +2,6 @@ import { app, BrowserWindow, Menu, session, net as electronNet, WebContents, uti
 
 import { assert, expect } from 'chai';
 import * as semver from 'semver';
-import split = require('split')
 
 import * as cp from 'node:child_process';
 import { once } from 'node:events';
@@ -11,6 +10,7 @@ import * as http from 'node:http';
 import * as https from 'node:https';
 import * as net from 'node:net';
 import * as path from 'node:path';
+import * as readline from 'node:readline';
 import { setTimeout } from 'node:timers/promises';
 import { promisify } from 'node:util';
 
@@ -260,11 +260,11 @@ describe('app module', () => {
       const firstExited = once(first, 'exit');
 
       // Wait for the first app to boot.
-      const firstStdoutLines = first.stdout.pipe(split());
-      while ((await once(firstStdoutLines, 'data')).toString() !== 'started') {
+      const firstStdoutLines = readline.createInterface({ input: first.stdout });
+      while ((await once(firstStdoutLines, 'line')).toString() !== 'started') {
         // wait.
       }
-      const additionalDataPromise = once(firstStdoutLines, 'data');
+      const additionalDataPromise = once(firstStdoutLines, 'line');
 
       const secondInstanceArgs = [process.execPath, appPath, ...testArgs.args, '--some-switch', 'some-arg'];
       const second = cp.spawn(secondInstanceArgs[0], secondInstanceArgs.slice(1));

spec/package.json

@@ -23,7 +23,6 @@
     "@types/mocha": "^7.0.2",
     "@types/send": "^0.14.5",
     "@types/sinon": "^9.0.4",
-    "@types/split": "^1.0.5",
     "@types/uuid": "^3.4.6",
     "@types/w3c-web-serial": "^1.0.7",
     "@types/ws": "^7.2.0",
@@ -46,7 +45,6 @@
     "q": "^1.5.1",
     "send": "^0.19.0",
     "sinon": "^9.0.1",
-    "split": "^1.0.1",
     "uuid": "^3.3.3",
     "winreg": "1.2.4",
     "ws": "^7.5.10",

yarn.lock

@@ -490,6 +490,7 @@ __metadata:
     webpack: "npm:^5.95.0"
     webpack-cli: "npm:^5.1.4"
     wrapper-webpack-plugin: "npm:^2.2.0"
+    yaml: "npm:^2.8.1"
   dependenciesMeta:
     abstract-socket:
       built: true
@@ -1990,16 +1991,6 @@ __metadata:
   languageName: node
   linkType: hard
 
-"@types/split@npm:^1.0.5":
-  version: 1.0.5
-  resolution: "@types/split@npm:1.0.5"
-  dependencies:
-    "@types/node": "npm:*"
-    "@types/through": "npm:*"
-  checksum: 10c0/eb187a3b07e5064928e49bffd5c45ad1f1109135fee52344bb7623cdb55e2ebb16bd6ca009a30a0a6e2b262f7ebb7bf18030ff873819e80fafd4cbb51dba1a74
-  languageName: node
-  linkType: hard
-
 "@types/stream-chain@npm:*":
   version: 2.0.0
   resolution: "@types/stream-chain@npm:2.0.0"
@@ -2042,15 +2033,6 @@ __metadata:
   languageName: node
   linkType: hard
 
-"@types/through@npm:*":
-  version: 0.0.33
-  resolution: "@types/through@npm:0.0.33"
-  dependencies:
-    "@types/node": "npm:*"
-  checksum: 10c0/6a8edd7f40cd7e197318e86310a40e568cddd380609dde59b30d5cc6c5f8276ddc698905eac4b3b429eb39f2e8ee326bc20dc6e95a2cdc41c4d3fc9a1ebd4929
-  languageName: node
-  linkType: hard
-
 "@types/unist@npm:*, @types/unist@npm:^2.0.0":
   version: 2.0.6
   resolution: "@types/unist@npm:2.0.6"
@@ -4543,7 +4525,6 @@ __metadata:
     "@types/mocha": "npm:^7.0.2"
     "@types/send": "npm:^0.14.5"
     "@types/sinon": "npm:^9.0.4"
-    "@types/split": "npm:^1.0.5"
     "@types/uuid": "npm:^3.4.6"
     "@types/w3c-web-serial": "npm:^1.0.7"
     "@types/ws": "npm:^7.2.0"
@@ -4566,7 +4547,6 @@ __metadata:
     q: "npm:^1.5.1"
     send: "npm:^0.19.0"
     sinon: "npm:^9.0.1"
-    split: "npm:^1.0.1"
     uuid: "npm:^3.3.3"
     winreg: "npm:1.2.4"
     ws: "npm:^7.5.10"
@@ -14377,6 +14357,15 @@ __metadata:
   languageName: node
   linkType: hard
 
+"yaml@npm:^2.8.1":
+  version: 2.8.2
+  resolution: "yaml@npm:2.8.2"
+  bin:
+    yaml: bin.mjs
+  checksum: 10c0/703e4dc1e34b324aa66876d63618dcacb9ed49f7e7fe9b70f1e703645be8d640f68ab84f12b86df8ac960bac37acf5513e115de7c970940617ce0343c8c9cd96
+  languageName: node
+  linkType: hard
+
 "yamux-js@npm:0.1.2":
   version: 0.1.2
   resolution: "yamux-js@npm:0.1.2"